A
A
AndreyTT2016-08-04 14:42:56
openvpn
AndreyTT, 2016-08-04 14:42:56

Why do clients in OPENVPN ping through one?

Good afternoon!
A bunch of OpenVPN server + 3 clients.
Server config:

local 22.22.22.22
port 2002
proto udp
dev tun
ca /etc/openvpn/cert/ca.crt
cert /etc/openvpn/cert/server.crt
key /etc/openvpn/cert/server.key  # This file should be kept secret
dh /etc/openvpn/cert/dh2048.pem
server 10.10.10.0 255.255.255.0
ifconfig-pool-persist /etc/openvpn/users/ipp.txt
client-config-dir /etc/openvpn/users/
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
client-to-client
keepalive 10 120
tls-auth /etc/openvpn/cert/ta.key 0 # This file is secret
cipher AES-128-CBC   # AES
comp-lzo
max-clients 15
user nobody
group nogroup
persist-key
persist-tun
status /etc/openvpn/users/log/status.log
log         /etc/openvpn/users/log/system.log
log-append  /etc/openvpn/users/log/append.log
verb 3
mute 20
#черный список для базы клиентов
;crl-verify /etc/openvpn/black/crl.pem

and 3 clients:
10.10.10.6 OS Win8.1
10.10.10.14 OS Win10
10.10.10.18 Os Android 6.0.1
For some reason, the ping goes like this:
10.10.10.6--->10.10.10.18 Ping
10.10.10.14-->10.10 .10.18 Ping
10.10.10.14-->10.10.10.6 No answer
10.10.10.6-->10.10.10.14 No answer
I.e. machines under Windows do not ping each other, although they connect to VPn perfectly and see the gateway 10.10.10.1 perfectly.
UPDATE:
Windows client connection log:
Thu Aug 04 16:13:09 2016 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{6ECE8FD8-C1AC-}.tap
Thu Aug 04 16:13:09 2016 TAP-Windows Driver Version 9.9 
Thu Aug 04 16:13:09 2016 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.10.10.6/255.255.255.252 on interface {6ECE8FD8-C1AC-} [DHCP-serv: 10.10.10.5, lease-time: 31536000]
Thu Aug 04 16:13:09 2016 Successful ARP Flush on interface [9] {6ECE8FD8-C1AC-}
Thu Aug 04 16:13:14 2016 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
Thu Aug 04 16:13:14 2016 C:\Windows\system32\route.exe ADD 22.22.22.22 MASK 255.255.255.255 192.168.0.1
Thu Aug 04 16:13:14 2016 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4
Thu Aug 04 16:13:14 2016 Route addition via IPAPI succeeded [adaptive]
Thu Aug 04 16:13:14 2016 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.10.10.5
Thu Aug 04 16:13:14 2016 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Thu Aug 04 16:13:14 2016 Route addition via IPAPI succeeded [adaptive]
Thu Aug 04 16:13:14 2016 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.10.10.5
Thu Aug 04 16:13:14 2016 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Thu Aug 04 16:13:14 2016 Route addition via IPAPI succeeded [adaptive]
Thu Aug 04 16:13:14 2016 MANAGEMENT: >STATE:147031694,ADD_ROUTES,,,
Thu Aug 04 16:13:14 2016 C:\Windows\system32\route.exe ADD 10.10.10.0 MASK 255.255.255.0 10.10.10.5
Thu Aug 04 16:13:14 2016 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Thu Aug 04 16:13:14 2016 Route addition via IPAPI succeeded [adaptive]
Thu Aug 04 16:13:14 2016 Initialization Sequence Completed
Thu Aug 04 16:13:14 2016 MANAGEMENT: >STATE:147031694,CONNECTED,SUCCESS,10.10.10.6,22.22.22.22

ipconfig:
ipv4:10.10.10.6
маска 255.255.255.252

Answer the question

In order to leave comments, you need to log in

1 answer(s)
S
SergeySL, 2016-08-04
@AndreyTT

Are Windows firewalls disabled (or are VPN exceptions in place)?

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question